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DETAILED ACTION 

Response to Amendment 

The applicant has amended claims 1, 22, and 33. Claims 1-12, 14-27, 29-34, and 36-46 
are pending. The applicant incorrectly stated that claims 1-46 are pending in the 
Remarks/ Argument section of the applicant's amendment. 

Response to Arguments 

Applicant's arguments, see Remarks/ Arguments, filed 1/28/2008, with respect to the 
rejection(s) of claim(s) 1, 22, and 33 under 35 USC section 103 by Sullivan and Freund have 
been fully considered and are persuasive. Therefore, the rejection has been withdrawn. 
However, upon further consideration, a new ground(s) of rejection is made in view of U.S. 
Patent Number 6,067,548 to Cheng. 

Recommended Claim Amendments 

In order to differentiate the claimed invention from the prior art it is recommended that 
he applicant add details to the claims to indicate where in the access management system the 
claimed method steps are being performed. Such details would help in differentiating the 
applicant's invention from the Cheng reference. 



Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed publication in this 
or a foreign country, before the invention thereof by the applicant for a patent. 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

Claims 1-2 and 4-39 are rejected under 35 U.S.C. 102(a) and (e) as being anticipated by 
U.S. Patent Number 6,067,548 to Cheng. 

As to claim 1 , Chang teaches a method in an access management system comprising an 
identity system for managing identity profiles and an access system for providing security of 
resources across one or more web servers, the method for defining a workflow for managing 
entity identities, the method comprising the steps of: the access management system accessing a 
template that indicates one or more parameters for defining one or more workflows for managing 
identity profiles, wherein said one or more parameters comprise one or more parameters that 
define an operation to be performed on identity profiles as part of said one or more workflows 
(col. 11, line 59-col. 12, line 26); creating a definition of a first workflow for managing an 
identity profile for at least one user, based on said template, wherein said identity profile is used 
by said access management system to control access by said at least one user to said resources 
across one or more web servers, wherein the first workflow is configured to automate the process 
of managing the identity profile by executing the operation defined by one or more workflow 
parameters (col. 11, lines 4-52); and storing said definition of said first workflow at a mass 
storage device (col. 7, lines 55-67). 

As to claim 2, Cheng teaches a method according to claim 1, wherein: said template 
includes a set of parameters for each action available to a workflow type (col. 13, lines 51-60). 
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As to claim 4, Cheng teaches a method according to claim 1, further comprising the steps 
of: adding data to said template after said step of storing; creating a definition of a second 
workflow after said step of adding data; and storing said definition of said second workflow (col. 
14, lines 14-50). 

As to claim 5, Cheng teaches a method according to claim 1, further comprising the step 
of: creating the template (col. 11, line 4-col. 12, line 26). 

As to claim 6, Cheng teaches a method according to claim 5, wherein said step of 
creating said template includes the steps of: adding a set of workflow types to said template; 
adding one or more actions for at least a subset of said workflow types; and adding parameters 
for at least a subset of said actions (col. 13, lines 24-37). 

As to claim 7, Cheng teaches a method according to claim 1, wherein: said template 
applies to only one application (col. 11, line 4-col. 12, line 26). 

As to claim 8, Cheng teaches a method according to claim 1, wherein: said template 
includes parameters for creating objects, deleting objects and changing attributes (col. 11, line 4- 
col. 12, line 26). 

As to claim 9, Cheng teaches a method according to claim 1, wherein: said template 
includes parameters for self registration (col. 11, line 4-col. 12, line 26). 

As to claim 10, Cheng teaches a method according to claim 1, wherein: said template 
includes a parameter indicating whether supplied variables can be used in said step of creating 
(col. 11, line 4-col. 12, line 26). 
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As to claim 11, Cheng teaches a method according to claim 1, wherein: said template 
includes a parameter indicating whether additional workflows can be used to supply data (col. 
11, line 4-col. 12, line 26). 

As to claim 12, Cheng teaches a method according to claim 11, wherein: said additional 
workflows includes multiple levels of nesting of workflows (col. 11, line 4-col. 12, line 26). 

As to claim 14, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the step of: accessing one or more parameters in said template; offering a set of 
options based on said accessed parameters; and receiving a selection of one or more of said 
offered options (col. 11, line 4-col. 12, line 26). 

As to claim 15, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the steps of: determining a first set of possible actions for a particular step 
based on said template; reporting said first set of possible actions; and receiving a selection of a 
first action of said first set of possible actions (col. 11, line 4-col. 12, line 26). 

As to claim 16, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the steps of: determining a first set of possible data types for a particular action 
based on said template; reporting said first set of possible data types; receiving an indication of a 
variable for said first workflow; and receiving a selection of a first data type for said variable 
(col. 11, line 4-col. 12, line 26). 

As to claim 17, Cheng teaches a method according to claim 16, wherein: said first data 
type is a variable supplied by another workflow (col. 11, line 4-col. 12, line 26). 

As to claim 18, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the steps of: determining whether pre actions are available for a particular 
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action based on said template; reporting whether pre actions are available for said particular 
action; and receiving a selection of whether to add pre actions to said definition of said first 
workflow for said particular action (col. 11, line 4-col. 12, line 26). 

As to claim 19, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the steps of: determining a first set of possible entry conditions for a particular 
action based on said template; reporting said a first set of possible entry conditions; receiving a 
selection of a first entry condition of said first set of possible entry conditions; determining and 
reporting whether said first entry condition is associated with a sub-workflow; and receiving an 
indication whether said first workflow should wait for said sub-workflow (col. 11, line 4-col. 12, 
line 26). 

As to claim 20, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the steps of: determining a first set of possible actions for a particular step 
based on said template; reporting said first set of possible actions; receiving a selection of a first 
action of said first set of possible actions; determining a first set of possible data types for said 
first action based on said template; reporting said first set of possible data types; receiving an 
indication of a variable for said first workflow; receiving a selection of a first data type for said 
variable; determining whether pre or post actions are available for said first action based on said 
template; reporting whether pre or post actions are available for said first action; receiving a 
selection of whether to add pre or post actions to said definition of said first workflow for said 
first action; determining a first set of possible entry conditions for said first action based on said 
template; reporting said a first set of possible entry conditions; receiving a selection of a first 
entry condition of said a first set of possible entry conditions; determining and reporting whether 
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said first entry condition is associated with a sub-workflow; and receiving an indication whether 
said first workflow should wait for said sub-workflow (col. 11, line 4-col. 12, line 26). 

As to claim 21, Cheng teaches a method according to claim 1, wherein said step of 
creating includes the steps of: accessing one or more parameters in said template; offering a set 
of options in a graphical user interface based on said accessed parameters; and receiving a 
selection of one or more of said offered options using said graphical user interface (Figure 9). 

As to claims 22-39, they are rejected for similar reasoning to claims 1-21 as being 
devices and a system for performing the method of claims 1-21. 

Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claim 40 is rejected under 35 U.S. C. 103(a) as being unpatentable over U.S. Patent 
Number 6,067,548 to Cheng. 

As to claims 40, Cheng does not explicitly teach enrolling, renewing, and revoking 
certificates. Official notice is taken that the use of certificates was well known at the time of the 
invention. It would have been obvious to combine the teachings of Cheng with the certificates 
because certificates provide an added layer of security and the claims are not actually doing 
anything specific with the certificates thus using certificates as claimed would produce a 
predictable result. 
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Claims 3 and 41-46 are rejected under 35 U.S.C. 103(a) as being unpatentable over U.S. 
Patent Number 6,067,548 to Cheng in view of U.S. Patent Number 7,080,078 to Slaughter et al. 

As to claims 3 and 41-46, Cheng does not explicitly teach the use of XML and callback 
URL's for performing workflow functions. 

Slaughter teaches the use of XML messages and callback URL's for performing 
workflow functions (col. 8, lines 24-48). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Cheng regarding the management of users with 
workflows with the teachings of Slaughter regarding XML and callback URL's because XML 
provides a way of standardizing messages via a network. 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
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however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to DOUGLAS B. BLAIR whose telephone number is (571)272- 
3893. The examiner can normally be reached on 9:00am-5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on (571) 272-3868. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Douglas B Blair/ 
Examiner, Art Unit 2142 



